Application No. 10/630,162 
Amendment "D" dated October 31, 2008 
Reply to Office Action mailed July 1, 2008 

AMENDMENTS TO THE CLAIMS 

This listing of claims replaces all prior versions, and listings, of claims in the application: 
Listing of Claims: 

1-23. (Cancelled). 

24. (Currently Amended) In a computer system that includes items stored in at least 
one volume, the volume being divided into at least one non-overlapping security zone, each of 
the at least one non-overlapping security zone being defined as a grouping of items having 
common security rules, each item residing in a non-overlapping security zone from among the at 
least one non-overlapping security zone, each non-overlapping security zone having one or more 
principals with administrative rights, a method of delegating administrative rights to other 
principals for first items included in a main non-overlapping security zone included in the at least 
one non-overlapping security zone, comprising: 

an act of identifying first items for which common security rules are to be enforced and 
other items for which common security rules are to be maintained independent from the common 
security rules of the identified first items residing in a main non-overlapping security zone within 
a volume comprising a plurality of non-overlapping security zones; 

an act of splitting the main non-overlapping security zone into a first non-overlapping 
security zone containing the identified first ef-items for which common security rules are to be 
enforced having common s e curity rul e s and a remaining non-overlapping main security zone 
having the other items having common security rules that are not dependent upon the common 
security rules of the first non-overlapping security zone such that the first non-overlapping 
security zone and the remaining non-overlapping main security zones do not overlap with any of 
the plurality of other non-overlapping security zones included in the volume, the one or more 
main principals retaining administrative rights for the first non-overlapping security zone and the 
remaining main non-overlapping security zone, the first non-overlapping security zone including 
the first items and the remaining main non-overlapping security zone including only the other 
items from the main non-overlapping security zone not included in the first items, and wherein 
said splitting is restricted in such a way as to prevent overlapping between security zones and 
such that none of the first items and other items from the main non-overlapping security zone are 
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shared present in more than one security zone when the main non-overlapping security zone is 
split wherein the security zones thereby have a dynamic configurable granularity of items having 
common security rules; and 

an act of specifying that one or more first principals also have administrative rights to the 
first non-overlapping security zone containing the first items , such that the entirety of items in 
the first non-overlapping security zone necessarily have the common security rules. 

25. (Original) The method of claim 24, specifying the one or more first principals is 
performed by the one or more main principals. 

26. (Previously Presented) The method of claim 24 further comprising the act of 
labeling the first items with a security zone enumeration corresponding to the first non- 
overlapping security zone. 

27. (Original) The method of claim 24, the administrative rights being security rights. 

28. (Original) The method of claim 24, the administrative rights being auditing rights. 

29. (Previously Presented) The method of claim 24 further comprising the act of 
specifying security rules for the first non-overlapping security zone after the act of splitting. 

30. (Previously Presented) The method of claim 24 comprising the act of specifying 
security rules for the first non-overlapping security zone by defaulting security rules that were 
from the main non-overlapping security zone prior to the act of splitting. 

31. (Previously Presented) A method for creating a non-overlapping security zone 
from the first non-overlapping security zone and the remaining main non-overlapping security 
zone recited in claim 24 comprising an act of re-combining the first non-overlapping security 
zone and the remaining main non-overlapping security zone. 
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32. (Previously Presented) A method for creating a non-overlapping security zone 
from the first non-overlapping security zone recited in claim 24 and a subsequent remaining 
main non-overlapping security zone, the subsequent remaining non-overlapping security zone 
formed from splitting the remaining main non-overlapping security zone, wherein the 
administrative principals of the subsequent remaining main non-overlapping security zone are 
the administrative principals in the main non-overlapping security zone, comprising an act of re- 
combining the first non-overlapping security zone and the subsequent remaining main non- 
overlapping security zone. 



33. (Cancelled) 
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34. (Currently Amended) A computer program product comprising one or more 
computer-readable storage media that store computer-executable instructions that, when 
executed by a processor, cause the computer system to perform a method of delegating 
administrative rights to other principals for first items included in a main non-overlapping 
security zone included in at least one non-overlapping security zone, comprising: 

an act of identifying first items for which common security rules are to be enforced and 
other items for which common security rules are to be maintained independent from the common 
security rules of the identified first items residing in a main non-overlapping security zone within 
a volume comprising a plurality of non-overlapping security zones, wherein the security rules 
comprise an access control list defining the rights a principal has to the items in the security zone 
associated with the security rules; 

an act of splitting the main non-overlapping security zone into a first non-overlapping 
security zone containing the identified first ef-items for which common security rules are to be 
enforced having common s e curity rules and a remaining non-overlapping main security zone 
having the other items having common security rules that are not dependent upon the common 
security rules of the first non-overlapping security zone such that the first non-overlapping 
security zone and the remaining non-overlapping main security zone zon e s do not overlap with 
any of the plurality of other non-overlapping security zones included in the volume, the one or 
more main principals retaining administrative rights for the first non-overlapping security zone 
and the remaining main non-overlapping security zone, the first non-overlapping security zone 
including the first items and the remaining main non-overlapping security zone including only 
the other items from the main non-overlapping security zone not included in the first items, and 
wherein said splitting is restricted in such a way as to prevent overlapping between security 
zones and such that none of the first items and other items from the main non-overlapping 
security zone are present in more than one security zone shared-when the main non-overlapping 
security zone is split wherein the security zones thereby have a dynamic configurable granularity 
of items having common security rules; and 

an act of specifying that one or more first principals also have administrative rights to the 
first non-overlapping security zone containing the first items , such that the entirety of items in 
the first non-overlapping security zone necessarily have the common security rules. 
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35. (Cancelled) 

36. (Currently Amended) The method of claim 1 claim 24 wherein the security rules 
comprise an access control list defining the rights a principal has to the items in the security zone 
associated with the security rules. 
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